Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Autonomous Research Loop
v1.0.0 🦞 Autonomous research infinite loop: autonomously generates research topics, performs deep research, creates Feishu (飞书) documents, and runs in an endless loop.
⭐ 0 · 53 · 0 current · 0 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to autonomously generate research topics, perform deep research, and create Feishu (飞书) documents on a repeating schedule. The SKILL.md repeatedly references creating docs and posting briefings to Feishu, yet the skill declares no required environment variables, no credentials, and no integration details. Creating docs in Feishu normally requires API credentials (app id/secret, bot token, or webhook URL). The absence of any declared credentials or authentication instructions is a mismatch between the claimed capability and what implementing it would actually require.
Instruction Scope
The instructions set up an autonomous infinite loop (cron every 5 minutes) that reads and writes /root/.openclaw/workspace/research_pool.json, generates topics, performs research, and posts outputs to Feishu without human confirmation. The SKILL.md gives the agent broad discretion ('the model resolves research-quality problems itself', 'do not wait for human confirmation') and sets no explicit limits on outbound endpoints or request rates. That open-ended autonomy, combined with unspecified external posting destinations, is a scope risk: the agent could contact arbitrary endpoints or flood an external service.
Install Mechanism
This is instruction-only, with no install spec and no code files; nothing is written to disk by an installer. That reduces supply-chain risk compared with an installer that downloads executables. It does not remove the need for review: the instructions themselves are what the agent executes, so SKILL.md is the artifact to audit.
Credentials
No environment variables or credentials are declared, yet the described runtime behavior requires Feishu access and likely other integration credentials. The skill also specifies state stored at /root/.openclaw/workspace/research_pool.json, which implies read/write access to the agent workspace and potentially to sensitive local state. The lack of declared credentials is a disproportionate gap: either the skill expects implicit global credentials (not declared), or it is incomplete or ambiguous.
Persistence & Privilege
The skill is not configured as always:true and uses normal autonomous invocation. However, _meta.json contains an explicit cron_job entry that schedules runs every 5 minutes. Combined with the instruction to run without human confirmation and the absence of any per-day limit, this gives the skill an ongoing operational presence and can produce high-frequency outbound activity. Autonomous invocation alone is expected; combined with the other concerns (missing credentials, unbounded loop) it increases the operational risk.
What to consider before installing
Key things to clarify before installing:
1) Feishu integration: how will the skill authenticate, and where are those credentials stored? Require explicit env vars (app id/secret, bot token, or webhook URL) declared in the skill manifest rather than implicit or global credentials.
2) Rate limits and safeguards: add a sensible daily cap and exponential backoff on failures; avoid an unconditional infinite loop with no human review.
3) Least privilege: ensure any Feishu token has minimal permissions (only create docs and post messages) and is scoped to a dedicated bot/app.
4) Workspace access: confirm what data resides in /root/.openclaw/workspace; run the skill under a low-privilege account and avoid root-owned paths where possible.
5) Audit and logging: require explicit telemetry and exit behavior and an opt-out for autonomous runs; consider manual approval for newly generated topics or for publishing outputs.
6) Test in a sandbox: run the skill in an isolated environment with mock Feishu endpoints to verify its actual behavior.
If the owner cannot explain where credentials come from, or refuses to add explicit env var requirements and rate limits, treat the skill as risky and do not enable it for autonomous operation.
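As an added illustration of items 1 and 2 above (this is example code written for this review, not code from the skill or from OpenClaw), the guard below shows what a cron-driven research loop should do on every 5-minute tick before it contacts Feishu: fail closed if the credentials it needs are not present in the environment, enforce a per-day run cap, and back off exponentially after failures. The state is persisted in a small JSON file so that each separate cron invocation sees the same counters. The env var names (FEISHU_APP_ID, FEISHU_APP_SECRET), the state file name, and the cap and backoff values are assumptions; the skill as published declares none of them.

```python
import json
import time
from pathlib import Path

# Assumed names: the skill declares no env vars, so these are what a fixed
# manifest would be expected to require before the loop is allowed to run.
REQUIRED_ENV = ("FEISHU_APP_ID", "FEISHU_APP_SECRET")


def missing_credentials(env):
    """Return the required variables absent or empty in env; () means all present."""
    return tuple(name for name in REQUIRED_ENV if not env.get(name))


class RunGuard:
    """Daily run cap plus exponential backoff, persisted to a JSON state file.

    Intended to sit next to research_pool.json so every cron tick shares state.
    `now` is injectable so the behaviour can be tested without a real clock.
    """

    def __init__(self, state_path, daily_cap=24, base_backoff=300,
                 max_backoff=6 * 3600, now=time.time):
        self.path = Path(state_path)
        self.daily_cap = daily_cap          # max runs per UTC day
        self.base_backoff = base_backoff    # seconds after the first failure
        self.max_backoff = max_backoff      # ceiling for the backoff delay
        self.now = now

    def _state(self):
        """Load state, resetting the daily run counter when the UTC day changes."""
        try:
            state = json.loads(self.path.read_text())
        except (FileNotFoundError, json.JSONDecodeError):
            state = {}
        today = time.strftime("%Y-%m-%d", time.gmtime(self.now()))
        if state.get("day") != today:
            state["day"] = today
            state["runs"] = 0
        state.setdefault("failures", 0)
        state.setdefault("next_allowed", 0.0)
        return state

    def _save(self, state):
        self.path.write_text(json.dumps(state))

    def allowed(self):
        """(True, 'ok') if a run may start now, else (False, reason)."""
        state = self._state()
        if state["runs"] >= self.daily_cap:
            self._save(state)
            return False, "daily cap reached"
        if self.now() < state["next_allowed"]:
            self._save(state)
            return False, "backing off after failures"
        return True, "ok"

    def record(self, success):
        """Count the run; on failure double the delay before the next attempt."""
        state = self._state()
        state["runs"] += 1
        if success:
            state["failures"] = 0
            state["next_allowed"] = 0.0
        else:
            state["failures"] += 1
            delay = min(self.base_backoff * 2 ** (state["failures"] - 1),
                        self.max_backoff)
            state["next_allowed"] = self.now() + delay
        self._save(state)


def run_once(guard, env, do_research):
    """One cron tick: refuse without credentials, honour the guard, record the outcome.

    `do_research` is the caller's research-and-publish step; any exception it
    raises (for example a failed Feishu call) counts as a failure for backoff.
    """
    missing = missing_credentials(env)
    if missing:
        return "refused: missing " + ", ".join(missing)
    ok, why = guard.allowed()
    if not ok:
        return "skipped: " + why
    try:
        do_research()
    except Exception as exc:
        guard.record(False)
        return f"failed: {exc}"
    guard.record(True)
    return "ran"
```

Wiring `run_once` into the cron entry point means the loop stops itself when Feishu rejects requests or the daily budget is spent, instead of retrying every 5 minutes indefinitely; the reason string is what should be logged for the audit trail asked for in item 5.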
latest: vk975kdxvvtw65ecr0k579gxjwh842a5n
Runtime requirements
🦞 Clawdis
OS: Linux
